Browse Source

Give an example of how to increase the state limit. The 10k limit is too

small for production servers now that pf is on by default.
OK phessler@
OPENBSD_5_3
claudio 12 years ago
parent
commit
d42b8f001d
1 changed files with 4 additions and 1 deletions
  1. +4
    -1
      src/etc/pf.conf

+ 4
- 1
src/etc/pf.conf View File

@ -1,9 +1,12 @@
# $OpenBSD: pf.conf,v 1.50 2011/04/28 00:19:42 mikeb Exp $
# $OpenBSD: pf.conf,v 1.51 2013/01/26 17:12:21 claudio Exp $
# #
# See pf.conf(5) for syntax and examples. # See pf.conf(5) for syntax and examples.
# Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1 # Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1
# in /etc/sysctl.conf if packets are to be forwarded between interfaces. # in /etc/sysctl.conf if packets are to be forwarded between interfaces.
# increase default state limit from 10'000 states on busy systems
#set limit states 100000
set skip on lo set skip on lo
# filter rules and anchor for ftp-proxy(8) # filter rules and anchor for ftp-proxy(8)


Loading…
Cancel
Save